Hello all, We have a legacy YARN Application code and we were looking at the changes needed to allow this to run on a Kerberos cluster. The AM (ApplnMaster) builds an RPC Server and the Client connects to this to get status updates and program output.
1) Is there an example for this kind of RPC Setup on a Kerberos cluster? We followed the outline in the TestSaslRPC test (testKerberosRpc function), but we were wondering if there is a better way? 2) The main issue now is that our changes depend on the user having a keytab. Following the TestSaslRPC outline, we do a SecurityUtil.login(conf, (user keytab), (user principal)) when we build the RPC Server (AM side) and the Client code is able to connect to it. But ideally the user would have logged in with only a password and that should be enough. How do we login and build the RPC Server on the AM side without asking for a password? Regards, Ramachandran K.N. Ph: 814-441-4279
